diff options
| author | Jannis M. Hoffmann <jannis@fehcom.de> | 2024-09-28 15:42:26 +0200 |
|---|---|---|
| committer | Jannis M. Hoffmann <jannis@fehcom.de> | 2024-09-28 15:42:26 +0200 |
| commit | 5c4b60da46401ff3faf9e3f07d13f694f018cf29 (patch) | |
| tree | 9d421af7591f5f63bb9c9426984663d0ae2930d3 | |
| parent | 909c27beb1f34c71f672a8d2b1d805247335f67e (diff) | |
update for sqmail-4.3.16 and ucspi-ssl-0.13.01
| -rwxr-xr-x | build-sqmail | 157 | ||||
| -rwxr-xr-x | build-ucspi-ssl | 10 |
2 files changed, 89 insertions, 78 deletions
diff --git a/build-sqmail b/build-sqmail index 4c4622b..e41ce56 100755 --- a/build-sqmail +++ b/build-sqmail @@ -3,20 +3,24 @@ set -eu name=sqmail -version=4.3.14 +version=4.3.16 upname=${name}_$version.orig.tar.gz srcname=$name-$version rel_project_root=$name/$name-$version abs_project_root=$name-$version/$rel_project_root orig_project_root=$name-$version.orig/$rel_project_root -qmail_home=var/lib/qmail - -wget https://www.fehcom.de/$name/$name-$version.tgz -ln -sf $name-$version.tgz $upname +qmail_home=etc/qmail +qmail_queue=var/lib/qmail/queue + +if ! [ -e $name-$version.tgz ] +then + wget https://www.fehcom.de/$name/$name-$version.tgz + ln -sf $name-$version.tgz $upname +fi tar -xf $upname mv mail $srcname cd $srcname -debmake --email jannis@fehcom.de --fullname 'Jannis M. Hoffmann' +debmake --email jannis@fehcom.de --fullname 'Jannis M. Hoffmann' -b sqmail,sqmail-users patch debian/control <<'END' 2c2 @@ -31,6 +35,10 @@ patch debian/control <<'END' < Homepage: <insert the upstream URL, if relevant> --- > Homepage: https://www.fehcom.de/sqmail/sqmail.html +15c15 +< Depends: ${misc:Depends}, ${shlibs:Depends} +--- +> Depends: ${misc:Depends}, ${shlibs:Depends}, sqmail-users, ucspissl 15a16,18 > Provides: mail-transport-agent > Conflicts: mail-transport-agent @@ -68,7 +76,7 @@ override_dh_auto_install: END # tcp-environ.5 conflicts with ucspitcp6 package -cat <<END >debian/manpages +cat <<END >debian/sqmail.manpages $rel_project_root/man/*.[13789] $rel_project_root/man/addresses.5 $rel_project_root/man/envelopes.5 @@ -79,7 +87,7 @@ $rel_project_root/man/qmail-log.5 $rel_project_root/man/tai64nfrac.5 END -cat <<END >debian/install +cat <<END >debian/sqmail.install # base $rel_project_root/src/qmail-clean usr/bin $rel_project_root/src/qmail-inject usr/bin @@ -219,7 +227,7 @@ $rel_project_root/src/zsuids usr/bin # other $rel_project_root/src/qmail-dkverify usr/bin -$rel_project_root/ctl/* etc/sqmail +$rel_project_root/ctl/* etc/qmail/control debian/contrib/sqmail-send.service usr/lib/systemd/system debian/contrib/sqmail-smtpd.service usr/lib/systemd/system @@ -238,7 +246,7 @@ BEGIN { FS = ":"; OFS = "\t"; print "# Generated by 'convert_ids.awk'; DO NOT ED } { exit 1 } END -awk -f debian/contrib/convert_ids.awk sqmail/$srcname/conf-ids | expand -t 3,12,26,50 >debian/sysusers +awk -f debian/contrib/convert_ids.awk sqmail/$srcname/conf-ids | expand -t 3,12,26,50 >debian/sqmail-users.sysusers cat <<'END' >debian/contrib/sqmail-send.service [Unit] @@ -246,7 +254,7 @@ Description=qmail delivery daemon After=network-online.target [Service] -execStart=qmail-start ./Maildir +ExecStart=qmail-start ./Maildir/ [Install] WantedBy=multi-user.target @@ -259,10 +267,9 @@ After=network-online.target [Service] User=qmaild -Group=qmaild -Environment=UCSPITLS="" SPF="1" -EnvironmentFile=/var/qmail/ssl/ssl.env -ExecStart=sslserver -seVn -Rp -l %H -Xx /etc/qmail/rules.smtpd.cdb 0 smtp qmail-smtpd +AmbientCapabilities=cap_net_bind_service +Environment=UCSPITLS="" SPF="1" DHFILE="/usr/share/ucspi-ssl/dh2048.pem" +ExecStart=sslserver -seVn -Rp -l %H -Xx /etc/qmail/control/rules.smtpd.cdb :0 smtp qmail-smtpd ExecReload=qmail-tcpok ExecReload=/bin/kill -ALRM $MAINPID @@ -301,12 +308,11 @@ $rel_project_root/src/hasspnam.h $rel_project_root/src/hasutmp.h END -cat <<END >debian/links -/etc/sqmail/ $qmail_home/control +cat <<END >debian/sqmail.links /usr/bin/ $qmail_home/bin END -cat <<END >debian/postinst +cat <<END >debian/sqmail.postinst #!/bin/sh # postinst script for #PACKAGE# # @@ -329,6 +335,12 @@ set -e case "\$1" in configure) + install -d -g sqmail $qmail_home + install -d -g sqmail $qmail_home/control + install -d -o alias -g sqmail $qmail_home/alias + install -d -o sqmtls -g nofiles $qmail_home/ssl + install -d -g sqmail $qmail_home/users + hostname >$qmail_home/control/me hostname >$qmail_home/control/rcpthosts @@ -345,34 +357,39 @@ case "\$1" in chown :sqmail usr/bin/qmail-vmailuser chmod ug+s usr/bin/qmail-vmailuser - install -d -g sqmail $qmail_home - install -d -o alias -g sqmail $qmail_home/alias - install -d -o qmailq -g sqmail -m 750 $qmail_home/queue - install -d -o qmails -g sqmail -m 700 $qmail_home/queue/bounce - install -d -o qmailq -g sqmail -m 750 $qmail_home/queue/dkim - install -d -o qmails -g sqmail -m 700 $qmail_home/queue/info - install -d -o qmailq -g sqmail -m 700 $qmail_home/queue/intd - install -d -o qmails -g sqmail -m 700 $qmail_home/queue/local - install -d -o qmailq -g sqmail -m 750 $qmail_home/queue/lock - install -d -o qmailq -g sqmail -m 750 $qmail_home/queue/mess - install -d -o qmailq -g sqmail -m 700 $qmail_home/queue/pid - install -d -o qmails -g sqmail -m 700 $qmail_home/queue/remote - install -d -o qmailq -g sqmail -m 750 $qmail_home/queue/todo - install -d -o sqmtls -g nofiles $qmail_home/ssl - install -d -g sqmail $qmail_home/users - - touch $qmail_home/queue/lock/sendmutex - chown qmails:sqmail $qmail_home/queue/lock/sendmutex - chmod 600 $qmail_home/queue/lock/sendmutex - - touch $qmail_home/queue/lock/tcpto - chown qmailr:sqmail $qmail_home/queue/lock/tcpto - chmod 644 $qmail_home/queue/lock/tcpto - fallocate -l 1024 $qmail_home/queue/lock/tcpto - - [ -p $qmail_home/queue/lock/trigger ] || mkfifo $qmail_home/queue/lock/trigger - chown qmails:sqmail $qmail_home/queue/lock/trigger - chmod 622 $qmail_home/queue/lock/trigger + install -d -o qmailq -g sqmail -m 750 $qmail_queue + install -d -o qmails -g sqmail -m 700 $qmail_queue/bounce + install -d -o qmailq -g sqmail -m 750 $qmail_queue/dkim + install -d -o qmails -g sqmail -m 700 $qmail_queue/info + install -d -o qmailq -g sqmail -m 700 $qmail_queue/intd + install -d -o qmails -g sqmail -m 700 $qmail_queue/local + install -d -o qmailq -g sqmail -m 750 $qmail_queue/lock + install -d -o qmailq -g sqmail -m 750 $qmail_queue/mess + install -d -o qmailq -g sqmail -m 700 $qmail_queue/pid + + for i in \$(seq 0 22) + do + install -d -o qmailq -g sqmail $qmail_queue/dkim/\$i + install -d -o qmails -g sqmail $qmail_queue/info/\$i + install -d -o qmailq -g sqmail $qmail_queue/intd/\$i + install -d -o qmails -g sqmail $qmail_queue/local/\$i + install -d -o qmailq -g sqmail $qmail_queue/mess/\$i + install -d -o qmails -g sqmail $qmail_queue/remote/\$i + install -d -o qmailq -g sqmail $qmail_queue/todo/\$i + done + + touch $qmail_queue/lock/sendmutex + chown qmails:sqmail $qmail_queue/lock/sendmutex + chmod 600 $qmail_queue/lock/sendmutex + + touch $qmail_queue/lock/tcpto + chown qmailr:sqmail $qmail_queue/lock/tcpto + chmod 644 $qmail_queue/lock/tcpto + fallocate -l 1024 $qmail_queue/lock/tcpto + + [ -p $qmail_queue/lock/trigger ] || mkfifo $qmail_queue/lock/trigger + chown qmails:sqmail $qmail_queue/lock/trigger + chmod 622 $qmail_queue/lock/trigger ;; abort-upgrade|abort-remove|abort-deconfigure) @@ -392,7 +409,7 @@ esac exit 0 END -cat <<END >debian/postrm +cat <<END >debian/sqmail.postrm #!/bin/sh # postrm script for #PACKAGE#. # @@ -419,7 +436,8 @@ case "\$1" in ;; purge) - rm -rf $qmail_home/queue/* + rm -rf $qmail_home + rm -rf ${qmail_queue%/queue} ;; *) @@ -438,35 +456,24 @@ END cat <<END >debian/patches/000-config.patch Author: Jannis M. Hoffmann -Description: Adjust build configuration so that the \`configure' step creates conf-XX files. - ---- $abs_project_root/conf-cc -+++ /dev/null -@@ -0,18 +0,0 @@ --cc -O2 -Wall -Wno-narrowing -Iinclude -I\`head -1 ../conf-qlibs\`/include \`head -1 ../conf-ssl\` -- --# This will work for both i386 and AMD64 architecture enabling INET6 support. --# IDN2 support is NOT enabled by default. You do not have 'libidns2' installed and set: -DIDN2 -- --# For obfuscation, you can hide the virtual user's local part for VERP addresses; inappropriate for VPOPMAIL: -- --cc -O2 -Wall -Wno-narrowing -Iinclude -I\`head -1 ../conf-qlibs\`/include \`head -1 ../conf-ssl\` -DHIDEVIRTUALUSER -- --# qmail-remote will bounce mails immediately, if no DNS record is found; or mail may stay in the queue until it expires: -- --cc -O2 -Wall -Wno-narrowing -Iinclude -I\`head -1 ../conf-qlibs\`/include \`head -1 ../conf-ssl\` -DDEFERREDBOUNCES -- --# security might be enhanced, using the following compiler flags: -- --cc -Wall -pipe -z relro -z now -pie -fPIE -fstack-protector-all -D_FORTIFY_SOURCE=2 -O2 -DIDN2 -- --# This is for gcc and with strong security in mind. - ---- $abs_project_root/conf-home +Description: change queue directory + +--- $orig_project_root/conf-queue ++++ $abs_project_root/conf-queue +@@ -1,3 +1,3 @@ +-/var/qmail ++/var/lib/qmail + + # Note: ./queue/ is added automatically! + +--- $orig_project_root/conf-home +++ $abs_project_root/conf-home -@@ -1,1 +1,1 @@ -+/$qmail_home +@@ -1,4 +1,4 @@ -/var/qmail ++/etc/qmail + + # This is the sqmail home directory. It must be a local directory, not + # shared among machines. The mail queue may reside at a different directory. e.g.: END diff --git a/build-ucspi-ssl b/build-ucspi-ssl index caab438..fc59be0 100755 --- a/build-ucspi-ssl +++ b/build-ucspi-ssl @@ -3,14 +3,17 @@ set -euC name=ucspi-ssl -version=0.12.10 +version=0.13.01 upname=${name}_$version.orig.tar.gz srcname=$name-$version rel_project_root=superscript.com/net/$name-$version abs_project_root=$name-$version/$rel_project_root -wget https://www.fehcom.de/ipnet/$name/$name-$version.tgz -ln -sf $name-$version.tgz $upname +if ! [ -e $name-$version.tgz ] +then + wget https://www.fehcom.de/ipnet/$name/$name-$version.tgz + ln -sf $name-$version.tgz $upname +fi tar -xf $upname mv host $srcname cd $srcname @@ -65,6 +68,7 @@ $rel_project_root/src/sslclient usr/bin $rel_project_root/src/sslconnect usr/bin $rel_project_root/src/sslhandle usr/bin $rel_project_root/src/sslserver usr/bin +$rel_project_root/etc/dh2048.pem usr/share/ucspi-ssl END cat <<END >|debian/libucspissl.install |